📚 The CoCalc Library - books, templates and other resources
License: OTHER
Abstract Algebra: An Interactive Approach, 2e
©2015 This notebook is provided with the textbook, "Abstract Algebra: An Interactive Approach, 2nd Ed." by William Paulsen. Users of this notebook are encouraged to buy the textbook.
Chapter 13
Finite Division Rings
Initialization: This cell MUST be evaluated first:
Entering Finite Fields in Sage
In this section we will experiment with finite fields using Sage. Although we have seen how integral domains can be entered into Sage, fields have additional properties that allow for shortcuts in this process. In fact, we will find that any finite field can be defined in Sage with only 3 commands.
We have already seen several examples of finite fields. The first example was the discovery that whenever p is prime, the ring Zp forms a field with p elements. In chapter 3 we found another example of a finite field—the "complex numbers modulo 3." This ring was defined in Sage with the commands
The multiplication table
reveals the fact that this ring is indeed a field of order 9.
EXAMPLE:
Find a connection between the field K and the polynomials in Z3[x].
We will restart with Z3, and form a polynomial.
Since the variable x was defined with the field definition, we can factor the polynomial A over this field:
This factorization isn't exactly the same as the original product which produced A, but we know from Corollary 12.5 that Z3[x] is a unique factorization domain. Therefore, these factors must be associates of the original factorization. Can you see which pairs of factors are associates?
EXPERIMENT:
By replacing the polynomial A in the last command with various second degree polynomials, determine all second degree polynomials in Z3[x] which are irreducible. For simplicity, assume that the coefficient of the x2 term is 1, so there will be only 9 polynomials to check. (The polynomials beginning with 2x2 will, of course, be associates of the polynomials you find.) Is there one irreducible polynomial that seems to have a relationship with the "complex numbers modulo three"?
We have hinted that the field of complex numbers modulo 3 are related to Z3[x]. How so? Each element of K can be thought of as evaluating some polynomial in Z3[x] at x = i. Even though i is not an element of Z3, we can consider any polynomial in Z3[x] as being also a polynomial in K[x].
This suggests that we should use the evaluation homomorphism
ϕi : K[x] → K.
However, we can restrict this homomorphism to apply only to polynomials in Z3[x]ϕi′ : Z3[x] → K.
The image will still be all of K, since ϕ(x) = i. The kernel of this homomorphism will consist of all polynomials in Z3[x] that yield 0 when evaluated at x = i. For example, x2 + 1 is in the kernel, as are all multiples of x2 + 1. In fact, if f(x) is an element of the kernel, then gcd(f(x), x2 + 1) must be in the kernel, and x2 + 1 is irreducible in Z3[x], as we found in the experiment. Thus, the kernel must be precisely the multiples of x2 + 1. This ideal can be described as ⟨x2 + 1⟩, the ideal generated by x2 + 1.By the first ring isomorphism theorem (10.2), we now have that
K ≈ Z3[x]/⟨x2 + 1⟩
since the field K is the image of the homomorphism ϕi′.EXAMPLE:
Find a field of order 25.
Recall that we tried to form a field by extending Z5 by an element i, where i2 = −1. However, we failed to produce a field, since the ring had zero divisors. We succeeded in producing the ring
K ≈ Z5[x]/⟨x2 + 1⟩
but x2 + 1 factors in Z5[x]: (x + 2)·(x + 3). This factorization apparently causes the zero divisors to appear in the quotient ring. Perhaps we should try using a polynomial that is irreducible in Z5[x]. We first define Z5 in Sage.Next, we find a polynomial that is irreducible in Z5. There are several to choose from, but let us try the following:
This shows that the polynomial x2 + 2x + 3 is irreducible in the field Z5.
EXPERIMENT:
Can you change the 3 in the polynomial to find another number to find a different irreducible polynomial?
Let us see if we can find a field for which x2 + 2x + 3 has a root. We will denote denote one of the roots by the letter w. Then it is clear that
w2 = −2 w − 3.
Let us define an element w such that w2 = −2 w − 3 in Sage.Sage can now determine other powers of w.
How did Sage compute this? Note that
w3 = w·w2 = w·(−2 w − 3) = −2 w2 − 3 w = −2(−2 w − 3) - 3 w = (4 w + 6) − 3 w = w + 6.
This then simplifies to w + 1 in Z5. In fact, Sage can list the elements in this ring.The length of this ring is
which is still small enough for us to look at a multiplication table.
Look carefully. You'll see there are no zero divisors in this ring. So this ring is a field. The fact that Sage was able to construct this ring through the Define command verifies that this is indeed a field.
How would we describe this field? As in the case of Z3[x]/⟨x2 + 1⟩, we can consider every element of H as a polynomial of Z5[x] for which x was replaced by w. That is, we consider the evaluation homomorphism
ϕw : H[x] → H.
However, we can restrict this homomorphism to apply only to polynomials in Z5[x]:ϕw′ : Z5[x] → H.
The kernal of this homomorphism is ⟨x2 + 2 x + 3⟩, and the image is certainly all of K. So by the first ring isomorphism theorem (10.2), we haveH ≈ Z5[x]/⟨x2 + 2 x + 3⟩.
Thus we have found a way to form fields out of polynomial rings.
DEFINITION 13.1
The field formed in Proposition 13.1 is called the extension field of K through the irreducible polynomial f(x).
EXAMPLE:
Repeat the process for a third degree polynomial in Z3[x] that is irreducible.
The only way to find such a polynomial is by trial and error. Let us try the following polynomial:
Unfortunately, this polynomial does reduce in Z3[x].
EXPERIMENT:
Try changing one or more of the coefficients so that the resulting polynomial is irreducible. Leave the x3 term as it is. There is more than one solution.
Once we have found an irreducible polynomial of degree three, we are ready to define a new field. We will let a be one of the zeros of the polynomial, and we will solve for a3. That is, for the polynomial
x3 + x2 + x + 1,
we would leta3 = −a2 − a − 1.
EXPERIMENT:Determine what a3 would be using your polynomial which you found from the last experiment. Fill in the space with the answer, and execute it to produce a multiplication table, and verification that your ring is a field.
Note that since the irreducible polynomial was a cubic, the elements of the field sometimes had to be expressed in terms of a2. This is why the basis for this ring was {1, a, a2}. In general, of the degree of the polynomial is d, then the basis of the ring will be
{1, a, a2, a3, … ad−1}.
Thus, in the above example there were 33 = 27 elements. It is not hard to prove the following generalization.
EXPERIMENT:
In the above experiment, you created a field R for which an irreducible polynomial in Z3 now has a zero. Let us verify that this polynomial factors over the new field. Replace the polynomial in the command below with your polynomial from above, and execute.
How many zeros does this cubic have over R?
Whenever a finite field is defined by an extension through an irreducible polynomial, the order of the field will be a power of a prime. We would like to show that all finite fields are produced in this way. So naturally we begin by showing that all finite fields have an order that is a power of a prime number.
According to this proposition, it is impossible to find a field of order 6. However, it is still possible to find a field of order 4. Let us see if we can find
one. Since a field of order 4 must have characteristic 2, let us begin by loading Z2.
Now let us try to find a second degree irreducible polynomial in Z2.
This polynomial factored, and in fact, has a double root.
EXPERIMENT:
Change the polynomial x2 + 1 in the above statement to find a second degree irreducible polynomial. Once this is found, use a define command to define the element a to be a root of this polynomial. Find the ring generated by a, and display a multiplication table of this ring to verify that it is a field.
As we see from this example, it is fairly easy to enter finite groups into Sage, as long as they can be expressed as an extension field of Zp through some irreducible polynomial of Zp[x]. In the next section, we will show that all finite fields can be obtained in this way. In fact, our goal will be to clasify all finite fields.
Properties of Finite Fields
In the last example we starting looking at examples of finite fields. In this section we want to explore the properties that all finite fields have in common. In the process, we will discover that there aren't as many finite fields as one would expect.
We begin by observing that if F is a finite field, that the multiplicative group F must be a finite abelian group. The natural question one would ask is "which abelian group is F?" If the field is of order pn, the group F* has order pn − 1. From the fundemental theroem on abelian groups, the possible groups of order pn − 1 is limited. Perhaps by experimenting, we can get a clue as to which abelian group of order pn − 1 is produced.
EXPERIMENT:
Reload the field of "complex numbers modulo 3".
Study the multiplication table, and determine which of the three groups
Z8, Z2 × Z4, or Z2 × Z2 × Z2,
is formed by K*.We can find the multiplicative group for some of the other finite fields that we found in the last section very easily. For example, the field of order 4 has a multiplicative group of order 3, so this group must be Z3.
On the other hand, the field of order 27 must have a group of order 26 as its multiplicative group. By the fundemental theorem of abelian groups, there is only one such group: Z26. So in all of the cases we have explored, the multiplicative group of a finite field turns out to be cyclic. Let us see if we can prove this pattern continues using the fundemental theorem of abelian groups.
Now that the multiplicative group is completely understood for a finite field, let us turn our attention to the group of automorphisms on the field. We have previously seen examples where the group of automorphisms gave us insight into the structure of a ring, and finite fields are no exception. We begin by proving some basic lemmas in number theory.
The next lemma starts to reveal the automorphism we are looking for.
We are now ready to produce one automorphism on a finite field, which we will use to generate all other automorphisms.
We can define the Frobenius automorphism in Sage. Let us begin by defining a field of order 16, using the fourth degree
polynomial x4 + x3 + 1 in Z2[x].
Since a is the generator of this new field, we only have to tell Sage where this generator is mapped to.
We can even make a circle graph of this automorphism.
Once we have the one automorphism ƒ(x), we can find more. For example, ƒ(ƒ(x)), ƒ(ƒ(ƒ(x))) are automorphisms. Of course this eventually will produce the identity automorphism, and it is not hard to determine the order of ƒ(x).
EXPERIMENT:
For the Frobenius automorphism ƒ(x) defined above, determine what ƒ(ƒ(a)) is. Then create the automorphism g(x) = ƒ(ƒ(x)) in Sage. Form the circle graph of the new automorphism. Which elements are fixed by g(x)? That is, which elements map to themselves in the automorphism? Show that these elements form a subfield of the field K.
One application that these automorphisms on K have is that they can be applied to polynomials in K. We first need to show some simple lemma to indicate how to apply the Frobenius automorphism to K[x].
We can apply Lemma 13.3 to the case where ƒ is an automorphism on K[x], such as the Frobenius automorphism. By extending the Frobenius automorphism to a polynomial, we can generate irreducible polynomials in Zp[x]. These irreducible polynomials are important, since we can define the field in terms of these polynomials.
PROPOSITION 13.5
Let F be a finite field of characteristic p. For any y in F, let n be the smallest number such
that ypⁿ = y. If ƒ(x) is the Frobenius automorphism, then
g(x) = (x − y)·(x − ƒ(y))·(x − ƒ(ƒ(y)))· ⋯ ·(x − ƒ n−1(y))
is an irreducable polynomial of degree n in Zp[x]. Here, ƒ n−1 means ƒ applied to itself n − 1 times.
The irreducible polynomial generated by this proposition is important enough to warrent a definition.
DEFINITION 13.2
The polynomial produced by Proposition 13.5 is called the irreducible polynomial of y over Zp. If y is in Zp, this polynomial is simply x − y.
We can now use Proposition 13.5 to show us that every finite field can be produced as an extention of Zp over an irreducible polynomial. While we are at it, we will prove a statement that is true for all fields, not just finite fields.
PROPOSITION 13.6
Let K be any field, and F be a subfield of K. Suppose there is an element y of K such that there are no proper subfields
of K containing both F and y. Suppose that there is a polynomial f(x) in K[x] with coeffients
in F such that f(y) = 0. Suppose further that f(x) is an irreducible polynomial when treated as a polynomial
in F[x]. Then K is isomorphic to F[x]/(f(x)).
One immediate application of Proposition 13.6 is to show us that every finite field can be produced as an extention of Zp over an irreducible polynomial. We will use the polynomial derived in Proposition 13.5.
Because every finite field is generated by a single polynomial in Zp[x], Sage can define any finite field. In fact, Sage is really defining Zp[x]/⟨f(x)⟩ when we use the Define command, subtracting the two arguments to determine the polynomial. For example, we could have defined the complex numbers mod 3 this way:
This way emphasises that we are really defining Z3[x]/⟨x2 + 1⟩. We can now compute i2 in our new field:
We can directly list the elements in the field.
In this new field, x2 + 1 will factor.
But there are two other irreducible second degree polynomials in Z3[x], x2 + x + 2 and x2 + 2x + 2. What if we formed fields using these?
EXPERIMENT:
Do the other two polynomials factor over the field K?
Try defining Z3[x]/⟨x2 + x + 2⟩, using w as the element which satisfies the equation. Do all three polynomials x2 + 1, x2 + x + 2, and x2 + 2x + 2 factor in this field?
What about the field Z3[x]/⟨x2 + 2x + 2⟩?
What does this tell us about the fields Z3[x]/⟨x2 + 1⟩, Z3[x]/⟨x2 + x + 2⟩, and Z3[x]/⟨x2 + 2x + 2⟩? (Hint: See Proposition 13.6.)
For small fields (such as those of order 9), we might not expect to have too many fields of the same order. So let us consider larger finite fields, to see if the same pattern persists.
EXPERIMENT:
Here are two polynomials which are irreducible in Z3[x]:
x3 + 2x + 1, and
x3 + x2 + x + 2
Define the field Z3[x]/⟨x3 + 2x + 1⟩ in Sage, and see if the second polynomial factors in this field. Likewise, define the field Z3[x]/⟨x3 + x2 + x + 2⟩ in Sage to determine whether the first polynomial factors over this field. What do you obverse? How would you interpret the result?To understand the significance of having the generator of one field factor completely in another field, let us look at an example where this doesn't happen. Consider two fields of characteristic 2, one of order 4, and the other of order 8. We will use the polynomials x2 + x + 1 and x3 + x + 1.
This time, one of the polynomials factor, while the other did not. Let's try the other field.
Let us see whether x3 + x + 1 factors in K, or whether x2 + x + 1 factors in F.
Thus, we see that the polynomial which defines K is irreducible in F, and vice versa. Hence, the element a cannot be expressed in terms of b, so the fields K and F are totally different.
Can we find a field containing both K and F at the same time? The natural choice would be to define both a and b using their respective polynomials.
How many elements are there in this long list? We can have Sage count them for us.
It is easy to find subfields which are isomorphic to both K and F in this field.
Can we find a basis? Simply combining the basis for K and F, giving {1, a, b, b2} will not be enough, since there are 64 = 26 elements in L, so we need 6 elements for the basis.
EXPERIMENT:
By examining the elements of L, can you find two more elements that need to be in the basis?
It should be noted that this is an extremely inefficient way of defining this finite field, since Corollary 13.2 guarantees that this field can be defined using a single generator, and a single polynomial (which would be sixth degree). In the next chapter, we will deal with a similar chain of infinite fields.
In general, we will be able to find a large field containing two different finite fields, provided that the characteristic of the two fields are the same.
We can now use this lemma to show that there is only one non-isomorphic field of a given order.
This proposition explains the strange behavior of fields that we discovered in our experiment. Whenever a finite field F is extended though an irreducible polynomial, all irreducible polynomials in F[x] of the same degree factor completely in the new field. The reason is now clear: the field
F[x]/⟨f(x)⟩
only depends on the degree of the irreducible polynomial f(x).We have already seen fields of order 4, 9, and 27 in this chapter. We in fact can refer to them as the fields of order 4, 9, or 27. However, there is one question we have yet to answer. Given a prime number p and an integer n, is there a field of order pn? It seems like all we would need to construct such a field is an irreducible polynomial f(x) in Zp[x] of degree n, and then the field
Zp[x]/⟨f(x)⟩
would have order pn. The only problem with this argument is that we have not shown that there is an irreducible polynomial of degree n in Zp[x]. In order to construct such irreducible polynomials, we will need to utilize a special class of polynomials—the cyclotomial polynomials. These polynomials have many different uses not only in this chapter, but also later on as we study Galois theory.The Cyclotomic Polynomials
We now pause from our work on finite fields to discuss a special class of polynomials in ℤ[x]. These polynomials occur in the factorizations of the simple polynomial xn − 1. Although these polynomials are constructed easily, they have a tendency to appear in many differnt applications.
To introduce the cyclotomic polynomials, we will begin by noticing a pattern in the following factorizations:
EXPERIMENT:
Continue this pattern using Sage to factor the polynomials up to x10 − 1. Notice that each time there is exactly one new polynomial appearing in the factorization that has not appeared in any previous factorization.
Our plan is to find a formula for the irreducible polynomials produced in these factorizations. A natural starting place would be to find all of the complex roots of the polynomial xn − 1. But we have already seen that the primitive nth roots of unity are of the form ωnk, where k is coprime to n.
How are the primitive roots of unity related to the factorizations of xn − 1? It is clear that the primitive roots are precisely the complex zeros of xn − 1 that are not zeros of xm − 1 for m < n. Thus, if we wish to find the factor of xn − 1 that does not appear in any previous factorizations, we should look for a polynomial whose only complex roots are the primitive nth roots of unity.
EXAMPLE:
Find a factor of x8 − 1 that does not appear in any previous factorizations of xn − 1.
The primitive eighth roots of unity were found to be ω8, ω83, ω85 and ω87. Thus, the simpliest polynomial that has these four complex roots would be
Lo and behold, this simplified into a polynomial with integer coefficients. Apparently not only did the imaginary part cancel, but also the square roots simplified. What's more, this is precisely the new irreducible factor of
so we have found the factor we were looking for.
EXPERIMENT:
You have already found the primitive twelvth roots of unity. Using the above example as a model, find the simpliest polynomial with the primitive twelvth roots as the complex zeros.
Compare this to the factorization of x12 − 1:
What do you discover?
Let us use these examples as a model for our definition.
DEFINITION 13.3
For n > 0, we define the nth cyclotomic polynomial to be the product
Φn(x) = (x − ωnk¹)·(x − ωnk²)·(x − ωnk³) ⋯ (x − ωnkⁱ),
where k1, k2, k3, … ki are the integers between 0 and n that are coprime to n.It is sometimes convenient to use a special notation for a product of many terms. Just as the sigma Σ can be used to denote the sum of many terms, a large Π (the upper case π) is used to denote such a product. Thus, we could write
| n | ||
| Φn(x) = | ∏ | (x − ωnk). |
| k = 1 | ||
| gcd(k, n) = 1 | ||
In this product, the index k ranges from 1 to n, but we only consider the values of k for which gcd(k, n) = 1. It is apparent from the definition that the degree of the nth cyclotomic polynomial is ϕ(n), where ϕ is Euler's totient function.
Although this definition uses complex numbers, we observed that the polynomials always produced integer coefficients. The next proposition shows us how to find the cyclotomic polynomials without having to work with complex numbers.
Here, the product is taken over all values of k that divide n.
To help understand this notation, let us look at the case where n = 12. Then Proposition 13.7 states that
| x12 − 1 = | ∏ | Φk(x) = Φ1(x)·Φ2(x)·Φ3(x)·Φ4(x)·Φ6(x)·Φ12(x). |
| k | 12 |
This can be seen in the factorization of x12 − 1:
Proposition 13.7 at least explains our observation that the factorization of xn − 1 always produces a new factor. However, we have not proven that the cyclotomic polynomials are irreducible in ℤ[x]. We have to begin by showing that Φn(x) is indeed in ℤ[x].
It is actually very easy to generate the nth cyclotomic polynomial in Sage. The commands
find the third and sixth cyclotomic polynomial. It is easy to see experimentally that Corollary 13.4 is true. In fact, is seems as though all coefficient of the cyclotomic polynomial are either 0 or ±1.
EXPERIMENT:
Use Sage to find many different cyclotomic polynomials. Are all of the coefficients 0 or ±1? (Hint: Start your search at around n = 100.)
The next corollary is another easy consequence of Corollary 13.4.
We now want to find some properties of the cyclotomic polynomials. One of the most important properties is that two different cyclotomic polynomials cannot share a root
in the complex numbers. (This is obvious from the definition.) However, we will be working with other fields besides the complex numbers, so we could ask whether
a cyclotomic polynomial has a multiple root in any field.
We begin by defining a multiple root of a polynomial.
DEFINITION 13.4
If r is a root of a polynomial f(x), and (x − r)2 divides f(x), we say r is a multiple root of f(x).
We would like to determine when xn − 1 has multiple roots. Our strategy is to discover the form of the quotient
| xⁿ − 1 | . |
| x − 1 |
We can use Sage to help us find a pattern. For example, (x⁴−1)⁄(x−1) is given by
Here is another example:
A pattern is starting to form. Can you find it?
EXPERIMENT:
Use Sage to simplify (x⁷ − 1)⁄(x−1) and (x¹² − 1)⁄(x−1). Is the pattern becoming clear?
We can use the pattern of these quotients to prove the following:
We are finally ready to show the irreducibility of Φn(x).
Lemma 13.5 can also be used to generate irreducible polynomials in Zp[x] of any degree. In fact, these irreducible polynomials are the key to proving that a field of order pn exists.
We can now prove what we had suspected was true from the experiments: that there is precisely one field of order pn, where n > 0 and p is a prime number.
DEFINITION 13.5
If q = pn, where p is prime and n > 0, then the Galois field of order q, denoted GF(q), is the unique
field given in Corollary 13.6.
For example, the official name for the "complex numbers modulo 3" we have been working with is GF(9). Whenever p is prime, we can write GF(p) for the field Zp.
When we first defined GF(9), we used the irreducible polynomial x2 + 1 in Z3[x] to make the definition. But there are two other second degree irreducible polynomials with a leading coefficient of 1 in Z3[x], namely, x2 + x + 2 and x2 + 2 x + 2. We could have used either of these to define GF(9):
We know from Corollary 13.3 that these are both isomorphic to GF(9), but the notations for these are vastly different. This begs the question as to whether there is an official way to describe the elements of GF(pn).
It is clear that we must first pick an irreducible polynomial f(x) of degree n over Zp[x], and then we let a = x + ⟨f(x)⟩ be a root of this polynomial in Zp[x]/⟨f(x)⟩. This will allow every element of GF(pn) to be expressible in terms of a.
But we also know from Proposition 13.4 that the group GF(pn)* is a cyclic group, and so we can choose the polynomial f(x) so that a will be a generator of this group.
DEFINITION 13.6
The Conway polynomial of degree n over Zp is the polynomial of degree n in Zp[x] with the following characteristics:
1) Primitive:
The polynomial f(x) is irreducible, has a leading coefficient of 1, and x + ⟨f(x)⟩ is a multiplicative generator of the finite field Zp[x]/⟨f(x)⟩.
Such polynomials are called primitive polynomials.
2) Compatibility:
The polynomial is compatible with the way that the subfields of GF(pn) are defined. To be compatible, for all divisors d of n less than n, the
| pⁿ − 1 | th |
| pd − 1 |
3) Tie breaker:
If two or more primitive polynomials satisfy the compatibility condition, let m be the highest power of x for which the coefficients differ. If n − m is even, pick the one with the smallest coeffient from the set {0, 1, … p − 1}. If n − m is odd, pick the largest, unless there is one with a coefficient of 0.
This definition at first seems counter-intuitive. Logically, a zero coefficient is always preferred over a nonzero term, but sometimes we pick the polynomial with the largest coefficient, and sometimes use the one with the smallest.
But to understand why this is so, consider the first degree Conway polynomials. Since all of the primitive polynomials are of the form x + c, with c ≠ 0, they differ only in the constant term. Hence m = 0, so n − m will be odd, and we should select the primitive polynomial with the largest c. This in turn will make the root of this polynomial be as small as possible. So for p prime, the root of the Conway polynomial of degree 1 will represent the smallest generator of the group Zp*. In general, the Conway polynomial is designed so that the roots will be minimized.
EXAMPLE:
Let us use this definition to find the Conway polynomial of degree 2 over Z3.
There are three irreducible polynomials of degree 2 in Z3[x] with a leading coefficient of 1: x2 + 1, x2 + x + 2, and x2 + 2 x + 2. The roots of x2 + 1 in Z3[x]/⟨x2 + 1⟩ have order 4, not 8. Since the multiplicative group is isomorphic to Z8, which has 4 generators, we know that there will be 2 primitive polynomials. So x2 + x + 2 and x2 + 2 x + 2 pass the first test.
In order to understand the compatibility condition, we must first find the Conway polynomial of degree 1 over Z3. Since there is only one multiplicative generator of Z3, namely 2, there is only one primitive polynomial of degree 1,
x − 2 = x + 1.
Now in order for a primitive polynomial of degree 2 to be compatible, the (3² − 1)⁄(3₁ − 1), or 4th power of the roots must be a root of x + 1. Hence, x2 + 1 does not satisfy this compatibility condition since i4 = 1, not 2 in GF(9). However, both x2 + x + 2 and x2 + 2 x + 2 will satisfy the compatibility condition, since both of the above multiplication tables show that a4 = 2. (If one root satisfies the compatibility condition, it is clear that the other root will too, since the Frobenius automorphism sends one root to the other.)
Of the two possible primitive polynomials remaining, we look for the largest power of x for which these differ, x1, and since n − m = 1 is odd, and neither x1 coefficient is 0, we pick the larger of the two possible coefficients. So the Conway polynomial is x2 + 2 x + 2. We can use Sage to verify this.
Hence, the official notation for GF(9) is
Note: Sage has a shortcut method for the above definition:
EXAMPLE:
Let us find the Conway polynomial of degree 4 over Z3.
We can find all of the primitive polynomials of degree n = 4 by factoring Φ(pₙ−1)(x) in Z3[x]. (See Problem 15.)
So we have 8 primitive polynomials of degree 4 over Z3, each having n = 4 roots which are generators of GF(81). But we need the compatibity condition to be satisfied. That is, for a root r in one of these polynomials, we need the (3⁴ − 1)⁄(3₁ − 1) = 40th power of r to satisfy x + 1 = 0, while the (3⁴ − 1)⁄(3₂ − 1) = 10th power of r must satisfy x2 + 2 x + 2 = 0. In other words, r will satisfy r40 + 1 = 0, and r20 + 2 r10 + 2 = 0.
Four polynomals are in common with all three factorizations, so these four pass the compatibility test:
x4 + x3 + 2, x4 + x3 + 2 x2 + 2 x + 2, x4 + 2 x3 + 2, and x4 + 2 x3 + 2 x2 + x + 2.
Since they differ in the x3 power, and none of them are missing the x3 term, we pick one with the largest coefficient. (Again, n − m = 4 − 3 is odd.) Of the 2, we pick the one with the smallest x2 coefficient (n − m = 4 − 2 is even), giving us x4 + 2 x3 + 2. We can verify this with the ConwayPolynomial command:This means we can have the official definition of GF(81) as
The Galois fields have many applications. A code very simular to the RSA code studied in chapter 3 was developed using Galois fields of characteristic 2. For a long time the field of order 2127 was used, since the multiplicative group is of order 2127 − 1, which happens to be prime. (Primes of this form are called Mersenne primes.) This code had the advantage that the key was much shorter than the RSA key, and multiplication in this field could be quickly implimented in binary hardware. However, due to the special properties of finite fields, this code was recently cracked. In order to ensure safety of the encription, the size of the field had to be upped to order 22203, which diminished the advantage over the RSA code.
But there is another type of code based on Galois fields, called the Reed-Solomon code, which is not used for security but rather for the storage or transfer of digital data. All digital information, such as the storage of a file in a computer or a song on a compact disk, is stored as a string of "bits" that are either 0 or 1. We will let K denote a finite field of characteristic 2. For example, if K = GF(256), then each element of K would correspond to a computer "byte." (Each byte is eight bits.) A string of n bytes (a0, a1, a2, a3, … an−1) is encoded as a polynomial in K:
f(x) = a0 + a1 x + a2 x2 + a3 x3 + ⋯ + an−1 xn−1.
The encription of this list of elements is simply the evaluation of this polynomial at the 256 elements of K. That is, if g is a generator of the multiplicative group K*, thenf(0), f(g), f(g2), f(g3), … f(g255)
is transmitted in place of the numbers a0, a1, a2, a3, … an−1. We know from Corollary 12.3 that we can derive the original list of elements from any n of the numbers transmitted. Thus, if there are some errors in the transmition, the original list can still be reconstructed. Using combinatorial reasoning, Reed and Solomon showed that as many as (255 − n)/2 errors could occur, and yet the original list of elements can be decoded.For example, if n = 251, then every 251 bytes is converted to a 250 degree polynomial, which is evaluated at the 256 elements of K. Even if two of these bytes are transmitted incorrectly, the 251 original bytes can be correctly reconstructed. This is an example of what is called an error-correcting code. This code was used by the Voyager II spacecraft to transmit pictures of Uranus and Neptune back to Earth. A version of this code (using a larger field K) is used to store the digital music on a compact disk. Current CD players can cope with errors as long as 4000 consicutive bits on the CD, typically caused by a scratch on the CD surface. The Reed-Solomon code will also allow over 500 channels of digital television in the near future.
The ironic part of this code is that, when Reed and Solomon first discovered the code in 1960, it was described as "interesting, but probably not practical." It wasn't until hardware technology advanced to the point that the code could be implimented before the real value of this code was evident. As with most mathematics, the usefulness of a particular result is not seen until long after the result is published.
One final application of finite fields arises from the study of simple groups. Almost all of the simple groups besides the alternating groups are defined in terms of finite fields. For example, the simple group Aut(Z24*) can be expressed as the 3 by 3 matrices in the field Z2 with determinant 1. This example can be generized a group G of m by m matrices over any finite field of order pn. When pn > 2, there may be a nontrivial center Z formed by diagonal matrices. However, we can form the quotient group G/Z. The group generated will be simple if m > 2, or if m = 2 and pn > 3.
There are several other ways of forming simple groups using finite fields. In fact, besides the alternating groups, there are only 26 finite simple groups that are not expressed using finite fields. Thus, finite fields are of key importanance in the classification of all finite simple groups.
Finite Skew Fields
Since we have completely classified all finite fields, a natural question is whether we can classify all finite skew fields, and whether these can be easily entered into Sage. At first this seems like it would be a harder problem, since there are many non-abelian groups, and many non-communitive rings. However, a surprising result is that there are no finite skew fields. In other words, any finite division ring must be commutative. In this section we will prove this remarkable result, known as Wedderburn's theorem.
We begin by carrying over some ideas from group theory. One of the ways we studied non-abelian groups was to find the center of the group, since this was always a normal subgroup. We can ask whether the set of elements of a skew field that commute with all of the elements forms a special set.
DEFINITION 13.7
Let K be a skew field. Then the set of all elements x of K such that
x·y = y·x for all y ∈ K
is called the center of K.Let us look at an example. The only skew field we have seen is the ring of quaternions, ℍ. The Sage command
allows us to experiment with this skew field. What is the center of this skew field? To answer this question, let us first define two typical elements in ℍ.
These will commute as long as A·B = B·A, or equivalently, A·B − B·A = 0. Let us compute this in Sage:
The normal expand function does not work on quaternions, so we can use Together instead.
EXPERIMENT:
Can you find a relationship between A·B − B·A and the three dimensional vectors u = ⟨u1, u2, u3⟩ and v = ⟨v1, v2, v3⟩. For what values of u0, u1, u2, and u3 does A·B − B·A = 0 for all possible values of B? (Hint: which variables are missing in A·B − B·A?)
It is fairly clear from this experiment that the center of ℍ is the set of quaternions for which u1 = u2 = u3 = 0. Thus, the center is basically the field of real numbers. We can easily prove that the center of a skew field will always form a field.
Another concept from group theory that carries over into the study of fields is the normalizer. Recall the definition of a normalizer of a subset S of a group G. We defined
NG(S) = { g ∈ G | g·S·g-1 = S }.
We would like to apply the normalizer to the multiplicative group of a field. In particular, we would like to consider the normalizer of a particular element, that is, when S = {y}.Let us find the normalizer of the element i in the nonzero quaternions. This consists of all elements A such that A·i·A-1 = i. We can use Sage to help us find this set.
EXPERIMENT:
By examining the result of the computation
determine the values of u0, u1, u2, and u3 that allow this to be 0. (Hint: when does the i componient equal zero?) This gives us the set Nℍ⁎({i}). Next replace both i's with j's to find the set Nℍ⁎({j}).
We see from this experiment that the normalizer does not quite form a field, since it does not include the zero element. Yet if we added the zero element to Nℍ⁎({i}) or Nℍ⁎({j}), we got a field which was equivalent to the complex numbers. In fact, whenever y is not real, Nℍ⁎({y}) ∪ {0} yields a copy of the complex numbers. Hence, there are actually an infinite number of complex number planes within the field of quaternions.
It is not hard to show that for any skew field, whenever we add the zero element to the normalizer, we will either get a field or a skew field.
We now can apply the center and normalizer to finite division rings. We first need a lemma that will help us out regarding the divisibility of the orders of finite fields.
This lemma reveals the possible orders of division rings within a finite division ring.
Note that this corollary has applications in finite fields. For example, it shows that the field of order 16 cannot have a subfield of order 8.
There is one more tool that we need from group theory, which stems from the normalizer. We discovered in §7.4 that the class equation was a powerful tool in analyzing groups. In fact, all three Sylow theorems hinge on the class equation. So let us observe how this useful tool applies to skew fields. Recall that the class equation theorem (7.2) stated that when G is a finite group, then
| |G| = | ∑ | | G | | , |
| | NG({g}) | | |||
| g |
where the sum runs over one g from each conjugacy class.
If K is a finite skew field, we can apply the class equation theorem to the multiplicative group K*, and find that
| |K*| = | ∑ | | K* | | . |
| | NK⁎({k}) | | |||
| k |
We can make the obvious substitutions |K*| = |K| − 1, and | NK⁎({k}) | = |Yk| − 1. The equation now looks like
| |K| − 1= | ∑ | |K| − 1 | , |
| |Yk| − 1 | |||
| k |
We are almost ready to use the class equation to prove that finite skew field cannot exist. But first we need to prove a simple inequality about the evaluation of a cyclotomic polynomial at a positive integer.
The final step is to use Lemma 13.9 to prove a contradiction in the class equation for finite skew fields.
In a sence, the non-existance of finite skew fields is sad, since there would be plenty of applications for skew fields in crytography and group theory if they had existed. On the other hand, this result, when combined with the classification of all finite fields, means that we have found all finite division rings.
Proofs:
Proof of Proposition 13.1:
Since K is a field, by Corollary 12.7 K[x] is a principal ideal domain. Since f(x) is an irreducible element of K[x], we have by Lemma 12.6 that the quotient H = K[x]/⟨f(x)⟩ is a field.
Finally, we need to show that the field H contains K as a subfield. Consider the mapping
ϕ : K → H
given byϕ(y) = y + ⟨f(x)⟩.
This is certainly a homomorphism, since it is a restriction of the natural homomorphism from K[x] to K[x]/⟨f(x)⟩. The kernel of ϕ is just {0}, so the image is isomorphic to K. Thus, K[x]/⟨f(x)⟩ contains K as a subfield.Proof of Proposition 13.2:
By the division algorithm theorem (12.1), every element f(x) of Zp[x] can be written
f(x) = q(x)·A(x) + r(x),
where either r(x) is 0, or the degree of r(x) is less than d. Thus, the typical element of K,f(x) + ⟨A(x)⟩,
could be written as r(x) + ⟨A(x)⟩. Furthermore, the r(x) is uniquely determined from the division algorithm. Thus, there are as many elements in K as there are polynomials in Zp[x] with degree less than d, counting the zero polynomial. All such polynomials can be writtena0 + a1 x + a2 x2 + a3 x3 + ⋯ + ad−1 xd−1
with each ai between 0 and p − 1, inclusively. Since there are d coefficients, each of which can be p different numbers, there are exactly pd possible polynomials of degree less than d. Thus, |K| = pd.Proof of Proposition 13.3:
Let q be the order of K. From the additive structure of the ring, we see that q·x = 0 for all x in K. Thus, the characteristic is positive, and by Proposition 11.2, the characteristic is a prime number, p.
Suppose that q has a prime factor r other than p. Then the additive group of K must have a subgroup of order r, according to Lemma 6.2. Hence r·x = 0 for some element x in K. But this contradicts Proposition 11.2, since r is not divisible by p. Therefore, q has no prime factors other than p, so q = pn for some integer n.
Proof of Proposition 13.4:
Since F* is abelian, by the fundamental theorem of abelian groups (6.2),
F* ≈ Zd₁ × Zd₂ × Zd₃ × ⋯ × Zdₙ,
where the di are all powers of prime numbers. Let d be the least common multiple of the set {d1, d2, d3, … dn}. Then for all x in F*, we have that xd = 1. Thus, the polynomial has |F*| solutions. By Corollary 12.2, d must be at least |F*|. But we also have|F*| = d1·d2·d3 ⋯ dn.
so d is at most |F*|. Thus, d = |F*|, and so d1, d2, d3, … dn are coprime. Therefore, the group F* is cyclic.Proof of Lemma 13.1:
Since Zp* is of order p − 1, we have by Corollary 3.2 that
n p−1 = 1
for all elements n in Zp*. (This result is commonly called Fermat's little theorem.) If we multiply both sides by n,n p = n,
we have a statement that is true for n = 0 as well. Thus, n p = n for all n in the ring Zp. This statement, when converted into modular notation, becomesn p ≡ n (mod p) for all integers n.
Proof of Lemma 13.2:
If g = 0, f(x) = xp − xp = 0, so the result is trivial. Let us suppose that g is nonzero.
Note that the leading term of (x + g)p is xp, which will cancel in f(x). Thus, f(x) has degree at most p − 1. We will show that for every n, n·g is a root. Observe that
f(n·g) = (n·g + g)p − (n·g)p − g p = ((n + 1)p − n p − 1)·g p.
By Lemma 13.1,(n + 1)p ≡ (n + 1) (mod p) and n p ≡ n (mod p).
Thus,(n + 1)p − n p − 1 ≡ (n + 1) − n − 1 ≡ 0 (mod p).
So because F has characteristic p, we have f(n·g) = 0.Since g is nonzero, the values
{0, g, 2g, 3g, … , (p − 1)g}
are all distinct in F. Thus, f(x) has p distinct roots. But Corollary 12.2 shows us that if f(x) were nonzero, there would be at most p − 1 roots. Thus, f(x) must be the zero polynomial.Proof of Theorem 13.1:
We first need to show that ƒ is a homomorphism. If F is a field of characteristic p, then by Lemma 13.2 we have that
(x + g)p − xp − gp = 0.
for all g in F. Thus, we have the identityƒ(x + y) = (x + y)p = xp + yp = ƒ(x) + ƒ(y).
It is also obvious thatƒ(x·y) = (x·y)p = xp·yp = ƒ(x)·ƒ(y).
So ƒ is a homomorphism. The kernel of ƒ is obviously just 0, since xp = 0 implies that x = 0, since F has no zero divisors. Therefore, the mapping is one-to-one. Since F is a finite field, we can use the pigeonhole principle to show that the mapping is also onto. Therefore, ƒ is an automorphism.Finally, we need to show that ƒ(y) = y if, and only if, y is in the subfield Zp. Note that this subfield is generated by the multiplicative identity, 1:
Zp = {0, 1, 2, 3, … p − 1}.
By Lemma 13.1, for any element in this subfield, ƒ(x) = xp = x. On the other hand, by Corollary 12.2, the polynomial xp − x in F[x] cannot have more than p roots in F. We have already found p solutions, so there cannot be anymore. Therefore, ƒ(y) = y if, and only if, y is in Zp.Proof of Corollary 13.1:
Note that the multiplicative group F has order pn − 1. Thus, by Corollary 3.2, for every element x in F we have
x(pⁿ−1) = 1.
Multiplying both sides by x gives us xpⁿ = x for all x in F*, and also x = 0. Thus, this statement is true for all x in F.We now note that for all x in F, so ƒ n(x) yields the identity automorphism.
To show that the order of ƒ(x) is not less than n, suppose that the order was i < n. Then ƒ i(x) = xpⁱ would be x for all x. But then the polynomial
xpⁱ − x
would have pn solutions. This contradicts Corollary 12.2, since n > i. Therefore, the order of the Frobinius automorphism is n.Proof of Lemma 13.3:
Suppose ƒ is an isomorphism mapping K to M. If w(x) is in K[x], with coefficients ai, we can define ƒ(w(x)) by
| ⎛ | ∞ | ⎞ | ∞ | ||||
| ƒ(w(x)) = ƒ | ⎜ | ∑ | ai xi | ⎟ | = | ∑ | ƒ(ai) xi. |
| ⎜ | ⎟ | ||||||
| ⎜ | ⎟ | ||||||
| ⎝ | i=0 | ⎠ | i=0 |
If v(x) is another polynomial in K[x] with coefficients bi, then
| ⎛ | ∞ | ⎞ | ∞ | ∞ | ∞ | ||||||
| ƒ(w(x) + v(x)) = ƒ | ⎜ | ∑ | (ai + bi) xi | ⎟ | = | ∑ | ƒ(ai + bi) xi = | ∑ | ƒ(ai) xi + | ∑ | ƒ(bi) xi = ƒ(w(x)) + ƒ(v(x)). |
| ⎜ | ⎟ | ||||||||||
| ⎜ | ⎟ | ||||||||||
| ⎝ | i=0 | ⎠ | i=0 | i=0 | i=0 |
Likewise, we have
| ⎛ | ∞ | ∞ | ⎞ | ∞ | ∞ | ∞ | ∞ | |||||
| ƒ(w(x)·v(x)) = ƒ | ⎜ | ∑ | ∑ | (ai·bj) xi+j | ⎟ | = | ∑ | ∑ | ƒ(ai·bj) xi+j = | ∑ | ∑ | ƒ(ai)·ƒ(bj) xi+j = ƒ(w(x))·ƒ(v(x)). |
| ⎜ | ⎟ | |||||||||||
| ⎜ | ⎟ | |||||||||||
| ⎝ | i=0 | j=0 | ⎠ | i=0 | j=0 | i=0 | j=0 |
Thus, ƒ extends to a homomorphism mapping K[x] to M[x]. But the kernel of ƒ is just the identity element, since ƒ preserves the degree of any nonzero polynomial. Thus, ƒ extends to an isomorphism from K[x] to M[x], and ƒ(x) = x.
Proof of Proposition 13.5:
Consider the extension of the Frobienius automorphism onto F[x], as given in Lemma 13.3. If we apply this mapping to the polynomial g(x), we get
ƒ(g(x)) = (x − ƒ(y))·(x − ƒ(ƒ(y)))·(x − ƒ(ƒ(ƒ(y))))· ⋯ ·(x − ƒ n(y)).
Recall we picked n to be the smallest number such that ƒ n(y) = y. Thus,ƒ(g(x)) = (x − ƒ(y))·(x − ƒ(ƒ(y)))· ⋯ ·(x − ƒ n−1(y))·(x − y).
which after rearranging the factors gives g(x) again.Since g(x) is fixed by the Frobinius automorphism, each coefficient of g(x) must be fixed by ƒ(x). But the only elements fixed by ƒ(x) are those in Zp. Thus, g(x) must have all of its coefficients in Zp, and so is a polynomial in Zp[x].
To show that g(x) is irreducible, suppose that
g(x) = h(x)·j(x),
where both h(x) and j(x) are polynomials in Zp[x] of positive degree. Then ƒ(h(x)) = h(x), and ƒ(j(x)) = j(x), since the Frobienius automorphism fixes x and the elements in Zp. By the unique factorization in F[x], (x − y) has to be a factor of h(x) or j(x), but not both, since (x − y) is a factor of g(x), but (x − y)2 is not. Let us suppose that h(x) has (x − y) as a factor. Any factor of j(x) would have to be a factor of g(x), so such a factor would have the form(x − ƒ m(y))
for some m > 0. Thus, ƒ m(y) is a root of j(x), but y is not. But this is impossible, since ƒ m(j(x)) = j(x), and so ƒ m(j(y)) = j(ƒ m(y)) = 0. Therefore, g(x) is an irreducible polynomial in Zp[x].Proof of Proposition 13.6:
Consider the evaluation homomorphism
ϕy : K[x] → K.
We can consider the homomorphism ϕy′ as the restriction of ϕy on F[x]. Let us consider the kernel of this homomorphism. Because f(y) = 0, f(x) is certainly in the kernel of ϕy′. But the kernel cannot be all of F[x], since the constant polynomials are not in the kernel. We know that the kernel is an ideal, and by Corollary 12.7, F[x] is a PID, so the kernel can be written as ⟨g(x)⟩ for some g(x) in F[x]. Yet f(x) is in the kernel, so g(x) divides f(x). But f(x) is irreducible in F[x], and g(x) cannot be a unit, since we have already observed that ⟨g(x)⟩ is not all of F[x]. Therefore, the kernel of ϕy′ is ⟨f(x)⟩.From the first ring isomorphism theorem (10.2), the image of ϕy′ is isomorphic to F[x]/⟨f(x)⟩. We have already mentioned that F[x] is a PID, so by Lemma 12.6 the image is a field. But the field must contain F, since this is the image of the constant polynomials, and also must contain y, the image of the polynomial x. The only subfield of K that contains both y and F is K itself, so F[x]/⟨f(x)⟩ is isomorphic to K.
Proof of Corollary 13.2:
If K is a finite field, by Proposition 13.4, the multiplicative group of K is cyclic. Thus, there must be an element y that generates K as a group. Since K must have finite characteristic p, we will let F be the subfield Zp. Let f(x) be the irreducible polynomial of y over Zp given by Proposition 13.5.
Even though f(x) is irreducible in Zp[x], f(x) has (x − y) as a factor when viewed as a polynomial in K[x]. Note that since y generates all of K, we see that the conditions for Proposition 13.6 are satisfied. Therefore K is isomorphic to Zp[x]/⟨f(x)⟩.
Proof of Lemma 13.4:
Since F is a finite field, by Corollary 13.2 there is a polynomial f(x) in Zp[x] such that F is isomorphic to Zp[x]/⟨f(x)⟩.
Since F and K have the same characteristic, we can consider f(x) to be a polynomial in K[x] as well. Let g(x) be an irreducible factor of f(x) over the domain K[x]. Of course, f(x) may already be irreducible in K[x], in which case we let g(x) = f(x).
Now consider the ring E = K[x]/⟨g(x)⟩. Since K[x] is a PID, by Lemma 12.6 E is a field. In fact, E contains an element that is a root of the polynomial g(x), namely
y = x + ⟨g(x)⟩,
sinceg(y) = g(x + ⟨g(x)⟩) = g(x) + ⟨g(x)⟩ = 0 + ⟨g(x)⟩.
We can now consider the evaluation homomorphismϕy : E[x] → E
Let us first consider the restriction of this homomorphism to the ring Zp[x], which we will call ψ. Thus ψ is the homomorphismψ : Zp[x] → E, ψ(w(x)) = w(y).
Since y is a root of g(x) in the field E, and g(x) in turn is a factor of f(x), we see that y is a root of f(x) in the field E. Thus, f(x) is in the kernel of the homomorphism ψ. Since Zp[x] is a PID, the kernel can be written as ⟨h(x)⟩ for some polynomial h(x) in Zp[x]. But since f(x) is in the kernel, h(x) must divide f(x). But f(x) is irreducible, and h(x) cannot be a unit, or else the kernel would be all of Zp[x], which is impossible since the constant polynomials are not in the kernel. Therefore, the kernel must be ⟨f(x)⟩, and so by the first ring isomorphism theorem (10.2), the image of ψ is isomorphic toZp[x]/⟨f(x)⟩
which is in turn isomorphic to F. Thus, there is a subfield of E isomorphic to F.All we have to do is show that there is a copy of the field K inside of E = K[x]/⟨g(x)⟩. But we can consider the natural homomorphism
i : K[x] → E
given byi(p(x)) = p(x) + ⟨g(x)⟩.
If we restrict this homomorphism onto the constant polynomials, we geti′ : K → E.
Since g(x) is not a unit, it is clear that the kernel of this homomorphism is just 0. Thus, there is a subfield of E isomorphic to K. Therefore, we have constructed a field that contains isomorphic copies of both F and K as subfields.Proof of Corollary 13.3:
If two fields F and K have the same order, by Proposition 13.3, both must have order pn for some prime number p, and some positive integer n. Thus, both F and K have characteristic p, so by Lemma 13.4 there exists a field E that contains isomorphic copies of both F and K as subfields. Let F′ and K′ be the subfields of E isomorphic to F and K, respectively. Consider the polynomial
f(x) = xpⁿ − x
in E[x]. Since F′ is a subfield of E, the Frobenius automorphism is of order n on this subfield. Thus, every element of F′ is a root of f(x). Likewise, every element of K′ is also a root of f(x). But by Corollary 12.2, f(x) can have at most pn roots. Thus, the subfields F′ and K′ must coincide, so certainly they are isomorphic. Hence F and K must be isomorphic.Proof of Proposition 13.7:
We will first show that each nth root of unity is a primitive kth root of unity for exactly one positive divisor k of n. If z = ωns is an nth root of unity, we can let k = n/gcd(n, s). Then k·s = n·(s/gcd(n, s)) is a multiple of n, so zk = 1. Yet if zm = 1, then s·m must be a multiple of n, so (s/gcd(n, s))·m is a multiple of n/gcd(n, s). But (s/gcd(n, s)) and (n/gcd(n, s)) are coprime, so m would be a multiple of k. Thus, ωns is a primitive kth root of unity, with [removed]k = n/gcd(n, s).
Since
xn − 1 = (x − ωn)·(x − ωn2)·(x − ωn3) ⋯ (x − ωnn),
we can collect those factors (x − ωns) for which ωns is a primitive kth root of unity. The result is the formula| xn − 1 = | ∏ | Φk(x). |
| k | n |
Proof of Corollary 13.4:
We will prove this using induction on n. Obviously the first cyclotomic polynomial is x − 1, which has integer coefficients. Let n > 1, and suppose the claim is valid for all previous cyclotomic polynomials. By Proposition 13.7, we can find the nth cyclotomic polynomial as
| Φn(x) = | xn − 1 | , |
| f(x) |
| f(x) = | ∏ | Φk(x). |
| k | n | ||
| k < n |
Since all previous cyclotomic polynomials have integer coefficients, we see by induction that ƒ(x) has integer coefficients. Furthermore, from the definition of the cyclotomic polynomials, we see that the leading coefficients must be 1, hence the leading coefficient of ƒ(x) is 1. So by Corollary 12.1 the quotient
| xn − 1 |
| f(x) |
must in fact have integer coefficients. Therefore, all cyclotomic polynomials have integer coefficients.
Proof of Corollary 13.5:
Since n is divisible by m, whenever m is divisible by k, then n is divisible by k. Thus, every factor appearing in
| xm − 1 = | ∏ | Φk(x) |
| k | m |
also appears in
| xn − 1 = | ∏ | Φk(x). |
| k | n |
In fact, the quotient would be the product of the cyclotomic polynomials Φk(x) for which k is a divisor of n, but not of m. Since the cyclotomic polynomials have integer coefficients,
| xⁿ − 1 |
| xm − 1 |
would have integer coefficients. Furthermore, Φn(x) is one of the cyclotomic polynomials in the factorization of xn − 1 which is not in Thus, the nth cyclotomic polynomial divides (xn − 1)/(xm − 1) in ℤ[x].
Proof of Lemma 13.5:
We first will ask whether 1 is a multiple root of xn − 1. Since 1 is clearly a root,
xn − 1 = (x − 1)·f(x)
for some polynomial f(x). But we can use the division algorithm to produce f(x). We claim that| n − 1 | ||
| f(x) = | ∑ | xk = 1 + x + x2 + x3 + ⋯ + xn−2 + xn−1. |
| k = 0 |
To see this, note that
(x − 1)·f(x) = x·f(x) − f(x) = (x + x2 + x3 + ⋯ + xn−1 + xn) − (1 + x + x2 + x3 + ⋯ + xn−2 + xn−1) = xn − 1.
To see whether 1 is a double root, we observe that| n − 1 | ||
| f(1) = | ∑ | 1k = 10 + 11 + 12 + 13 + ⋯ + 1n−2 + 1n−1 = n. |
| k = 0 |
Thus, f(1) is zero if, and only if, n is a multiple of the characteristic of F. Therefore, 1 is a double root of f(x) precisely when the characteristic is positive and divides n.
Now suppose that n is not a multiple of the characteristic, and that r is a double root of xn − 1. Then
| xⁿ − 1 |
| (x − r)2 |
| (x·r)ⁿ − 1 | = | xⁿ·rⁿ − 1 | = | xⁿ − 1 |
| (x·r − r)2 | (x − 1)2·r2 | (x − 1)2·r2 |
since rn = 1. However, we have already shown that 1 is not a double root of xn − 1, so the right hand side of this equation cannot be a polynomial. Thus, r is not a double root whenever n is not a multiple of the characteristic.
Proof of Theorem 13.2:
We see from Corollary 13.4 that Φn(x) has integer coefficients. Let f(x) be an irreducible factor of Φn(x), with leading coefficient xn. Our goal is to show that f(x) = Φn(x). Since Φn(x) divides xn − 1, we have xn − 1 = f(x)·g(x) for some g(x) ∈ ℤ[x]. Suppose y = ωns is a complex root of f(x), which is a primitive nth root of unity since it is also a root of Φn(x), so s will be coprime to n. Let p be a prime that does not divide n. We want to show that yp is also a root of f(x).
Suppose yp = ωns p is not a root of f(x). Since yp is also a primitive nth root of unity, Φn(yp) = 0, so f(yp)·g(yp) = 0. Since we are assuming that f(yp) ≠ 0, we see that g(yp) = 0. In particular, this means that y is a root of g(xp).
Since y is a root of the irreducible polynomial f(x), and also a root of g(xp), we see that f(x) is a factor of g(xp) in ℤ[x]. Hence, we can write g(xp) = f(x)·h(x) for some h(x) in ℤ[x].
We now consider the polynomials F(x), G(x), and H(x) to be the polynomials f(x), g(x), and h(x) modulo p in Zp[x]. Because of the Frobenius automorphism, G(x)p = G(xp) = F(x)·H(x) in Zp[x]. Since Zp[x] is a UFD, F(x) and G(x) have a common irreducible factor, say m(x), in Zp[x]. This would indicate that m(x) is a repeated factor of xn − 1 in Zp[x]. But then xn − 1 would have a multiple root in Zp[x]/⟨m(x)⟩, which contradicts Lemma 13.5. Thus, we find that ωns p = yp is a root of f(x).
At this point, we have shown that whenever ωns is a root of f(x), and the prime p is coprime to n, then ωns p is a root of f(x). By repeating this process, we see that ωns k is a root of f(x) whenever k is coprime to n. But this means that all primitive nth roots of unity are roots of f(x), so f(x) = Φn(x).
Hence Φn(x) is irreducible.
Proof of Proposition 13.8:
Let h(x) be an irreducible factor of g(x), and let K be the field Zp[x]/⟨h(x)⟩. We wish to show that the order of the field K is pn, since by Proposition 13.2 this would indicate that the degree of h(x) is n. Let y be the element
y = x + ⟨h(x)⟩
in the field K. Then h(y) = 0, and hence g(y) = 0 in the field K. In fact, g(x) would be a factor ofx(pⁿ −1) − 1.
and so ypⁿ = y. In other words, if ƒ(x) is the Frobienious automorphism on K, then ƒ n(y) = y. In fact, ƒ n(1) = 1, and Zp[x] is generated by x and 1, so we find that ƒ n(x) = x for all x in K. Thus, the polynomialxpⁿ − x
has at least |K| roots. By Corollary 12.2, |K| can have at most pn elements.To show that |K| = pn, let us suppose that |K| = pi, where i < n. Then i is the smallest number for which ƒ i(x) = x for all x in K. It is clear that i would have to divide n, since [removed]ƒ n(x) is also x for all x in K.
Since ƒ i(y) = y, we see that y is a root of the polynomial
x(pⁱ −1) − 1.
By Corollary 13.5, Φ(pₙ−1)(x) divides| j(x) = | x(pⁿ −1) − 1 |
| x(pⁱ −1) − 1 |
in ℤ[x], since (pi − 1) divides (pn − 1). Thus, in Zp[x], g(x) divides j(x). Since g(y) = 0, and also y(pⁱ −1) = 1, we see that y would be a multiple root of But by Lemma 13.5, this polynomial can only have a multiple root if (pn − 1) is a multiple of p, which it clearly isn't. Thus, i = n, and so |K| = pn. By Proposition 13.2, the irreducible factors of g(x) over Zp[x] all have degree n.
Proof of Corollary 13.6:
We have already shown in Corollary 13.3 that finite fields of the same order are isomorphic, so all we have to show is that there is a field of order pn. By Proposition 13.9, the cyclotomic polynomial
Φ(pₙ−1)(x)
factors in Zp[x] into irreducible factors of degree n. If we let A(x) be one of those irreducible factors, then by Proposition 13.2, the fieldK = Zp[x]/⟨A(x)⟩
has order pn.Proof of Lemma 13.6:
Let K be a skew field, and let Z be its center. We first will show that Z is a subring. If x and y are two elements in Z, and k is any element in K, then
(x − y)·k = x·k − y·k = k·x − k·y = k·(x − y)
and(x·y)·k = x·(y·k) = x·(k·y) = (x·k)·y = (k·x)·y = k·(x·y)
Thus, both x − y and x·y are in Z. By Proposition 10.1, Z is a subring of K.Both 0 and the identity element are obviously in Z, so Z is nontrivial. Since Z is commutative, all we have left to prove is that every nonzero element of Z is invertible.
If x ≠ 0 is an element in Z and k is in K, then x·k = k·x. The inverse of x exists in K, so we can multiply both sides of the equation on both the left and the right by x-1:
x-1·(x·k)·x-1 = x-1·(k·x)·x-1.
Thus, k·x-1 = x-1·k for all k in K, and so x-1 is in the center Z. Thus, Z is a field.Proof of Lemma 13.7:
Let us begin by rewriting the set Yk. Because
NK⁎({k}) = { x ∈ K* | x·k·x-1 = k },
we can simply say NK⁎({k}) consists of all elements of K* such that x·k = k·x. Of course 0 satisfies this equation as well, so we can writeYk = { x ∈ K | x·k = k·x }.
When written in this form, it is obvious that the center is in Yk. Furthermore, if x and y are in Yk, then(x − y)·k = x·k − y·k = k·x − k·y = k·(x − y)
and(x·y)·k = x·(y·k) = x·(k·y) = (x·k)·y = (k·x)·y = k·(x·y).
Thus, by Proposition 10.1, Yk is a subring of K.Finally, if x is a nonzero element in Yk, then x·k = k·x. Thus,
x-1·(x·k)·x-1 = x-1·(k·x)·x-1,
so k·x-1 = x-1·k. Therefore, every nonzero element of Yk has its inverse in Yk, so Yk is a division ring.Proof of Lemma 13.8:
First suppose that n is divisible by m. Then by Corollary 13.5, xm − 1 divides xn − 1, and in fact Φn(x) divides
| xn − 1 |
| xm − 1 |
Note that since y > 1, ym > 1, so ym − 1 > 0. Thus, y is not a root of ym − 1, so we can apply the evaluation homomorphism ϕy and find that
| yn − 1 |
| ym − 1 |
Now suppose that n is not divisible by m. Then n = m·k + p for some 0 < p < m. But note that
yn − 1 = y(m·k+p) − 1 = ym·k·yp − 1 = yp(ym·k − 1) + yp − 1.
Thus,| yn − 1 | = yp· | ym·k − 1 | + | yp − 1 | , |
| ym − 1 | ym − 1 | ym − 1 |
We have already seen that
| ym·k − 1 |
| ym − 1 |
is an integer, but yp < ym, so the last term cannot possibly be an integer. Therefore,
| yn − 1 |
| ym − 1 |
Proof of Corollary 13.7:
Consider the multiplicative groups K and F. Certainly F is a subgroup of K, since F is a subring of K. Notice that K contains pn − 1 elements, while |F| = pm − 1. By Lagrange's theorem (3.1), pm − 1 must be a factor of pn − 1. So by Lemma 13.8, n must be a multiple of m.
Proof of Lemma 13.9:
From the definition,
| n | ||
| Φn(x) = | ∏ | (x − ωnk). |
| k = 1 | ||
| gcd(k, n) = 1 | ||
Plugging in x = y, and taking the absolute value of both sides, we get
| n | n | ||||
| |Φn(y)| = | ∏ | |y − ωnk| | > | ∏ | (y − 1) ≥ y − 1. |
| k = 1 | k = 1 | ||||
| gcd(k, n) = 1 | gcd(k, n) = 1; | ||||
Here, the inequality |y − ωnk| > (y − 1) comes from the fact that real part of ωnk is less than 1 when n > 1.
Proof of Theorem 13.3:
Suppose that K is a finite skew field. By Proposition 13.3 K is of order pm for some prime p and some m > 0. Let Z be the center of K. Since Z is a subring of K which is a field, by Corollary 13.7, Z is of order y = pa, where m = n·a for some n > 0. Thus, |K| = pn·a = yn. Note that since K is a skew field, n must be greater than 1. We have from the class equation theorem (7.2)
| |K| − 1= | ∑ | |K| − 1 | , |
| |Yk| − 1 | |||
| k |
where the sum runs from one k from each conjugacy class of K*. Note that when k is in Z*, k is in its own conjugacy class, and Yk = K. Thus, the terms in the sum corresponding to elements in Z* are equal to 1. There are of course |Z*| = y − 1 such terms. For the other terms in the sum, Yk is a proper subring of K that contains Z. By Lemma 13.7, Yk is a division ring, and so by Corollary 13.7, |Yk| = yr for some r which is a factor of n. If we let w = Φn(y), we see by Lemma 13.8 that w divides the term
| |K| − 1 | = | yⁿ − 1 | . |
| |Yk| − 1 | yr − 1 |
Furthermore, w divides the left hand side of the class equation, |K| − 1. In fact, the only terms in the class equation that are not divisible by w are the y − 1 terms that are equal to 1, coming from the invertible elements of the center Z. Thus, y − 1 must be divisible by w. But this is impossible, since y − 1 < w by Lemma 13.9, for n > 1. This contradiction proves that finite skew fields cannot exist.
Sage Interactive Problems
§13.1 #18)
The polynomial x4 + x + 1 is irreducible in the field Z2. Use this polynomial to define a field of order 16 in Sage. Show that there is a subfield of order 4 in this field. Is there a subfield of order 8 in this field?
§13.1 #19)
The polynomial x6 + x + 1 is irreducible in the field Z2. Use this polynomial to define a field of order 64 in Sage. Show that there is a subfield of order 4 in this field. Is there a subfield of order 8 in this field?
§13.1 #20)
The polynomial x4 + x + 2 is irreducible in the field Z2. Use this polynomial to define a field of order 81 in Sage. Show that there is a subfield of order 9 in this field. Is there a subfield of order 27 in this field?
§13.2 #20)
First define Z3[x] as follows:
Then find the factorization of the polynomial x3³ − x. Show that all irreducible polynomials with a leading term of x3 are in this factorization. For an explanation see Problem 18.
§13.2 #21)
First define Z2[x] as follows:
Then find the factorization of the polynomial x2⁵ − x. Show that all irreducible polynomials of degree 5 are in this factorization.
§13.3 #16)
First define Z2[x] in Sage,
and then show that the cyclotomic polynomial Φ(2₃−1)(x) factors in the field Z2 into irreducible polynomials of degree 3. Show by process of elimination that the only irreducible polynomials of degree 3 are the ones given in this factorization.
§13.3 #17)
First define Z2[x] in Sage as in Problem 16. Then show that the cyclotomic polynomial Φ(2₄−1)(x) factors in the field Z2 into irreducible polynomials of degree 4. Find one more irreducible polynomial of degree 4 besides the ones given in this factorization. (Hint: Factor the polynomial x2⁴ − x.)
§13.3 #18)
First define Z2[x] in Sage as in Problem 16. Then show that the cyclotomic polynomial Φ(2₅−1)(x) factors in the field Z2 into irreducible polynomials of degree 5. Does this factorization give all of the irreducible polynomials of degree 5 over Z5?
§13.3 #19)
First define Z3[x] in Sage,
and then show that the cyclotomic polynomial Φ(3₂−1)(x) factors in the field Z3 into irreducible polynomials of degree 2. What irreducible quadratic polynomial in Z3 have we seen that is not in this list of factors?
§13.3 #20)
Use Sage to find the Conway polynomial of degree 6 over Z2. Show that raising a root of this polynomial to the 9th power produces a zero of the Conway polynomial of degree 3 over Z2, and raising this root to the 21st power produces a zero of the Conway polynomial of degree 2 over Z2. Hence, the compatibility condition is satisfied.
§13.4 #16)
Sage can be used to explore skew fields besides ℍ. Consider the following ring of characteristic 0:
The ring is defined in terms of 2 generators a and b, such that a3 = 3a + 1, b3 = 2, and b·a = (2 − a2)·b.
This produces a ring that is a 9-dimensional extension of ℚ. A basis for this ring would be
{1, a, a2, b, a·b, a2·b, b2, a·b2, a2·b2}.
Ifthen w is the general element of the ring. To show that this ring is in fact a skew field for rational values of c1, c2, … c9, perform the following operations:
Notice that R does not depend on a or b, hence is an element of ℚ. To simplify it, evaluate
Using this value of R, find a formula for w-1. Can you prove that R is never zero if c1, c2, c3, … c9 are rational?
Hint: If R = 0 for rational values of c1 … c9, we can multiply by the common denominator to find a solution to R = 0 for integer values. In fact, we may assume that c1, c2, c3, … c9 have no common factors. Show that the first three constants must be even. After a substitution, show that c4, c5, c6 must be even. After yet another substitution, show that the remaining constants must be even, leading to a contradiction.
§13.4 #17)
Find the center of the skew field from Problem 16.
§13.4 #18)
Find the normalizer of the element a·b in the skew field from Problem 16.
Hint: Use the simplified form of the normalizer from Lemma 13.7.
§13.4 #19)
Load the unit Hurwitz integers into Mathematica as follows:
What is the center of this group? What group is U/Z(U) isomorphic to?
§13.4 #20)
Since 13 can be expressed as the sum of 4 squares in 2 different ways, show that there are two ways of factoring 13 in Hurwitz integers. See Problem 13. Show that these factorizations are not related by associates in the sense of Problem 14. The easiest to show that the primes p and q are not associates is with a nested for loop.